Steps to Enable/Disable Early Launch AntiMalware Protection in Windows 8

Posted by Britt Duncan - May 5, 2014

To deal with the rampant malware infested network environment, Windows 8 provides a effective protection function named Early Launch AntiMalware Protection, which helps you prevent any identified problematic driver from launching when Windows loading. Once Early Launch AntiMalware Protection is setting up, Windows will be able to turn down the hazardous drivers installed by malware with rootkit technique. In some cases, if a unknown driver is indeed essential to the Windows boot-up while fails to load due to the Early Launch AntiMalware Protection, the Windows may not be able to load properly. In that case, you can change back the settings by disable the protection feature and put system back to work again. Below is a complete guide to configure this protection feature. Please read on.

Steps to set up Early Launch AntiMalware Protection

For different visions of Windows 8, the way to enable the Early Launch AntiMalware may vary. Please select the respective guide to follow based on the individual situation.

For Windows 8 professional and Enterprise users:

Step 1: After you boot up the windows, Tap Win + F keys simultaneously to pull up the search box. Select Apps category, put in gpedit.msc.


Step 2: Choose gpedit on the displaying option on the left panel. Afterwards, the Local Computer Policy will open up. Open the trees: Computer Configuration -> Administrative Templates -> System -> Early Launch Antimalware -> Logon orderly. Then the Boot-start Driver Initialization Policy should be displayed, double click it to make further changes.


Step 3: The Boot-start Driver Initialization Policy window may now open. Click Enable option on the left setting panel, which provides four types of options as follow:

*Good only
*Good and unknown
*Good, unknown and bad but critical


As their names signify, these options respectively allow:

*Signed drives to load only
*Ones that have not been identified as malware
*Good/unknown/malicious drivers to load.
*Any driver to load no matter it’s good, bad, or unknown.

Note: How to make the choice among these four options? Well, if you prefer the Good only or All setting, you may either rule out the unknown yet is essential to system boo-up ones (which indicates Windows boot-up failure) or let in all malicious drivers. Hence, these two are not recommended. The Good and unknown choice helps you protected against most drivers considered as malicious but may also poses false positive examination. Good, unknown and bad but critical cannot avoid loading the intrusive drivers, but only in this way you can log into the system first and clean up the baleful drivers if there are any.

Step 4: Select what kind of protection feature you want from the given four options, click Apply and OK to complete the configuration process.


Step 5: Reboot the PC to take effect the changes.

For other versions of Windows 8 users:

Step 1: Click Win + R keys together to open Run box, type regedit in the box and tap Enter.

Note: Any mistakes made during registry modification may lead to system malfunction. Therefore, it is highly suggested that you back up registry files in advance.

Step 2: At the opening Windows Registry Editor, expend HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Policies\EarlyLaunch\DriverLoadPolicy in turn.


Step 3: Right click on the DriverLoadPolicy key, select Modify and assign value by 8/1/3/7 to match the Good only/Good and unknown/Good, unknown and bad but critical/All options accordingly to suit your need.



Note: If you still swing back and forth among these four choices, please refer to the note in the above step 3 section for more detailed illustration.

Step 4: Click OK when you’re done with key modification and exit the registry editor. Restart the computer to put the changes into effect.

Steps to disable Early Launch AntiMalware Protection

There will be great chances Windows will start unproperly if you activate the Early Launch AntiMalware Protection and stick to a stricter protection option, like loading the good and signed drives only. In that case, some unknown yet important drivers are blocked from launching which leads to Windows boot-up failure. If so, you have to disable the Early Launch AntiMalware Protection to start Windows first and have a check over the system.

Step 1: Press Win + R keys to trigger search box and select settings category from the search type. Input advanced in the search box. Then, select advanced startup options from the search results.


Step 2: Drag down the displayed setting list and click restart now option which will bring you to the Advanced Startup menu after PC reboots. Click Troubleshoot option and then Advanced options link.





Step 3: At the Advanced option screen, click Startup settings and then Restart button on the down right corner. Subsequently, the Startup settings menu will show up. Tap number 8 on the keyboard to select Disable early launch anti-malware protection option.



Step 4: Now the Windows will relaunch automatically and the early launch anti-malware protection will be disabled temporarily. You now can access windows and check for malicious programs or drivers.

Tips: Some stubborn malware infections may hoop deep inside the computer and hid their files among system ones, which makes it difficult to search for and remove every harmful file manually. Therefore, it is highly suggested that you download and install the powerful auto tool below to perform a effortless check.

Download Automatic Virus Removal Tool Now

Note: SpyHunter is a powerful anti-malware tool. Its malware scanner checks to see if your computer is infected with malware for free. If you want to remove the detected malware, you will need to purchase it. More information about the program can be found in SpyHunter review. If you do not want to use it, uninstall SpyHunter here.

The Previous:
The Next:

Comments are closed.


TESTED:  14 Nov